Kayako ESupport Index.PHP Multiple Parameter Cross-Site Scripting Vulnerability
BID:12868
Info
Kayako ESupport Index.PHP Multiple Parameter Cross-Site Scripting Vulnerability
| Bugtraq ID: | 12868 |
| Class: | Input Validation Error |
| CVE: |
CVE-2005-0842 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 22 2005 12:00AM |
| Updated: | Jul 12 2009 10:56AM |
| Credit: | Discovery is credited to James Bercegay of the GulfTech Security Research Team. |
| Vulnerable: |
Kayako eSupport 2.3 |
| Not Vulnerable: | |
Discussion
Kayako ESupport Index.PHP Multiple Parameter Cross-Site Scripting Vulnerability
Kayako ESupport is prone to a cross-site scripting vulnerability.
Multiple parameters of the 'index.php' script can be exploited to pass malicious HTML and script code to the application.
This would occur in the security context of the affected Web site and may allow for theft of cookie-based authentication credentials or other attacks.
ESupport 2.3 is reported vulnerable, however, it is possible that other versions are affected as well.
Kayako ESupport is prone to a cross-site scripting vulnerability.
Multiple parameters of the 'index.php' script can be exploited to pass malicious HTML and script code to the application.
This would occur in the security context of the affected Web site and may allow for theft of cookie-based authentication credentials or other attacks.
ESupport 2.3 is reported vulnerable, however, it is possible that other versions are affected as well.
Exploit / POC
Kayako ESupport Index.PHP Multiple Parameter Cross-Site Scripting Vulnerability
An exploit is not required.
The following proof of concept examples are available:
http://www.example.com/index.php?_a=knowledgebase&_j=questiondetails&_i=[INT][XSS]
http://www.example.com/index.php?_a=knowledgebase&_j=questionprint&_i=[INT][XSS]
http://www.example.com/index.php?_a=troubleshooter&_c=[INT][XSS]
http://www.example.com/index.php?_a=knowledgebase&_j=subcat&_i=[INT][XSS]
where [INT] is a valid integer value.
An exploit is not required.
The following proof of concept examples are available:
http://www.example.com/index.php?_a=knowledgebase&_j=questiondetails&_i=[INT][XSS]
http://www.example.com/index.php?_a=knowledgebase&_j=questionprint&_i=[INT][XSS]
http://www.example.com/index.php?_a=troubleshooter&_c=[INT][XSS]
http://www.example.com/index.php?_a=knowledgebase&_j=subcat&_i=[INT][XSS]
where [INT] is a valid integer value.
Solution / Fix
Kayako ESupport Index.PHP Multiple Parameter Cross-Site Scripting Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
Kayako ESupport Index.PHP Multiple Parameter Cross-Site Scripting Vulnerability
References:
References:
- Kayako Homepage (Kayako)
- Kayako eSupport Cross Site Scripting ("GulfTech Security Research"